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« The MAILING DATE of this communication appears on the cover sheet with the correspondence address « 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )E3 Responsive to communication(s) filed on 09 February 2004 . 
2a)D This action is FINAL. 2b)[X] This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 7-34 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) |3 Claim(s) 30-34 is/are allowed. 

6) (3 Claim(s) 1-26 is/are rejected. 

7) M Claim(s) 27-29 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1. 



This office action is in response to Amendment B, paper number 7, which was filed 



February 9, 2004. Claims 1-31 are presented for examination. 



2. 



The text of those sections of Title 35, U.S. code not included in this office action can be 



found in a prior office action. 



Claim Rejections - 35 USC § 103 



3. Claims 1-6, 12-14, and 26 are rejected under 35 U.S.C 103(a) as being unpatentable 
over Belkin et al. (USPN 6,542,920) (hereinafter Belkin) in view of IBM Technical 
Disclosure Bulletin ("Single System Image and Load Balancing for Network Access to a 
Loosely Coupled Complex") (hereinafter IBM). 

4. As per claim 1, Belkin teaches the invention substantially as claimed, including a system 
including a processor, and a collection of resources interacting with said processor, said 
resources including at least a memory and a library of executable modules that are supported by 
an operating system, the improvement comprising: 

a plurality of processing stacks (col. 6 lines 25-38), each including a predefined set of at 
least one mediation module that processes an applied signal to form a signal that is applied to 
said at least one resource of said collection of resources (col. 5 lines 20-43); and 

a service director module that receives requests of different types that are directed to said 
resources, classifies said requests in accordance with said types of said requests (col. 5 lines 44- 
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53), each different one of said resources being responsive to requests of a different type (col. 5 
lines 20-43), and directs said requests to different ones of said processing stacks, based on said 
classifying (col. 5 lines 44-53). 

Belkin does not specifically teach the following limitations: 

the service director intercepting requests. 

5. IBM teaches the invention as claimed, including the following limitations not shown by 
Belkin: 

the service director intercepting requests (pg. 1). 

6. It would have been obvious to one of ordinary skill in the art to combine Belkin and IBM 
since the classification of requests as performed by Belkin is not specifically related to 
interception of requests, as in a sandboxed or otherwise secured environment. Rather, it is a 
method of classifying requests of different types, but there is an assumption of safety associated 
with the incoming requests. IBM provides a mechanism of intercepting requests, such that as an 
incoming request is received, there may be certain security procedures instilled therein, such as a 
sandbox or firewall, which further serves to protect the system. 

7. As per claim 2, Belkin teaches the invention as claimed, including the system of claim 1 
wherein said at least one resource to which said signal is applied develops an output signal that is 
accepted by said at least one mediation module (col. 10 lines 35-49). 
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8. As per claim 3, Belkin teaches the invention as claimed, including the system of claim 1, 
wherein at least one processing stack of said plurality of processing stacks comprises an ordered 
sequence of at least two mediation modules (col. 5 lines 20-43). 

9. As per claim 4, Belkin teaches the invention as claimed, including the system of claim 1, 
wherein said service director receives a request from an application that is active on said system 
and applies said request to said at least one mediation module (col. 5 lines 44-53). 

10. As per claim 5, Belkin teaches the invention as claimed, including the system of claim 4, 
wherein said mediation module receives a return signal from said at least one resource of said 
collection of resources, processes said return signal to form a processed return signal, and sends 
said processed return signal to said application (col. 10 lines 35-49). 

11. As per claim 6, Belkin teaches the invention as claimed, including the system of claim 5 
wherein said at least one resource of said collection of resources sends said processed return 
signal via said service director (col. 10 lines 35-49). 

12. As per claim 12, Belkin teaches the invention as claimed, including the system of claim 
1, wherein said service director includes: 

a service request classifier that classifies a received service request (col. 9 lines 17-60); 

and 
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a processing stack selector that selects a processing stack based upon said classification, 
and communicates said service request to said selected processing stack (col. 9 lines 17-60). 

13. As per claim 13, Belkin teaches the invention as claimed, including the system of claim 
1, wherein said service director includes a service request classifier that classifies a service 
request based upon the type of service request and arguments of the service request (col. 9 lines 
17-33). 

14. As per claim 14, Belkin teaches the invention as claimed, including the system of claim 1 
further comprising a connection to a network (col. 3 line 66 - col. 4 line 8). 

15. As per claim 26, Belkin teaches the invention as claimed, including the system of claim 1 
further comprising a read-only program store that is read by said system upon boot-up (col. 16 
line 66 - col. 17 line 23; col. 8 lines 27-39). 

16 Claims 7-11, 19, and 23-25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Belkin in view of IBM in view of Mueller et al. (USPN 6,351,816) 
(hereinafter Mueller), 

17. As per claim 7, Mueller teaches the invention as claimed, including the following 
limitations not shown by Belkin or IBM: 
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the system of claim 1, wherein said at least one mediation module is based upon a chosen 
security policy (col. 2. line 50 - col. 3 line 54). 

18. It would have been obvious to one of ordinary skill in the art to combine Belkin and IBM 
for reasons discussed above in paragraph 6. It would have been obvious to one of ordinary skill 
in the art to add Mueller to the combination of Belkin and IBM since the method of Belkin 
provides a system that supports specialization in terms of a specific processing stack (thread 
pool) for each type of request, including a Java engine to support Java applications, but fails to 
account for network security or otherwise securing the file system. Such concerns are gaining 
more and more importance, particularly with the advent of wireless networks, making security a 
primary concern in the development of any type of networked environment. Furthermore, 
although Belkin does not specifically mention how security is handled, such services are easily 
added on to Belkin, as provisions are made for performing additional types of services (col. 5 
lines 20-43). Of particular relevance is the Java engine, which typically downloads code to be 
executed, making security a necessity to ensure system safety. Mueller teaches a way of 
implementing security within a Java Virtual Machine (JVM), including authentication and 
encryption techniques, and would allow for security to be easily implemented for the Java engine 
in Belkin. 

19. As per claim 8, Mueller teaches the invention as claimed, including the system of claim 
1, wherein said at least one mediation module in said processing stack performs encryption (col. 
3 line 55 - col. 4 line 23). 
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20. As per claim 9, Mueller teaches the invention as claimed, including the system of claim 
1, wherein said mediation module is a namespace manager (col. 3 lines 26-29). 

21. As per claim 10, Mueller teaches the invention as claimed, including the system of claim 
1, wherein said mediation module performs authentication (col. 3 lines 44-54). 

22. As per claim 1 1, Mueller teaches the invention as claimed, including the system of claim 
1 wherein said mediation module is a secure file system (col. 2 line 50 - col. 3 line 54). 

23. As per claim 19, Mueller teaches the invention as claimed, including the system of claim 
1 further comprising a compliance supervisor that is coupled to said processing stacks, and to 
said service director, and is adapted for receiving security policy information from outside said 
system (col. 4 lines 59-65). 

24. As per claim 23, Mueller teaches the invention as claimed, including the system of claim 
1, wherein said at least one mediation module includes at least one authentication code retriever 
that retrieves an authentication code and a validation system that validates said service request 
against said authentication code (col 3 lines 44-54). 

25. As per claim 24, Mueller teaches the invention as claimed, including the system of claim 
1 , wherein said operating system includes means to prevent implication of an operating system 
breach from an administrative user breach (col. 2 line 50 - col. 3 line 54). 
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26. As per claim 25, Mueller teaches the invention as claimed, including the system of claim 
1 wherein said service director and said processing stacks are embedded in a loadable library of 
C language executable modules (col. 1 line 66 - col. 2 line 7). 

27. Claims 15-18 are rejected under 35 U.S.C. 103(a) as being unpatentable over Belkin 
in view of IBM in view of Remer et al. (USPN 6,598,083) (hereinafter Remer). 

28. As per claim 15, Remer teaches the invention as claimed, including the following 
limitations not shown by Belkin or IBM: 

the system of claim 14 wherein said connection is secure (col 7 lines 48-56). 

29. It would have been obvious to one of ordinary skill in the art to combine Belkin and IBM 
for reasons discussed above in paragraph 6. It would have been obvious to one of ordinary skill 
in the art to add Remer to the combination of Belkin and IBM since the method of Belkin 
provides a system that supports specialization in terms of a specific processing stack (thread 
pool) for each type of request, including a Java engine to support Java applications, but fails to 
account for network security or otherwise securing the file system. Such concerns are gaining 
more and more importance, particularly with the advent of wireless networks, making security a 
primary concern in the development of any type of networked environment. Furthermore, 
although Belkin does not specifically mention how security is handled, such services are easily 
added on to Belkin, as provisions are made for performing additional types of services (col. 5 
lines 20-43). Security breaches may originate from several sources, including violations of the 



Application/Control Number: 09/528,38 1 Page 9 

Art Unit: 2127 

security policy implemented on the system, or through interception of an insecure connection. 
Providing strong security for the connection, including authentication and encryption algorithms, 
as taught by Remer, would eliminate another potential vulnerability in the network. 

30. As per claim 16, Remer teaches the invention as claimed, including the system of claim 
14, wherein said network is a virtual private network (col. 8 lines 7-21). 

31. As per claim 17, Remer teaches the invention as claimed, including the system of claim 
14 wherein said connection is secured (col. 7 lines 48-56). 

32. As per claim 18, Remer teaches the invention as claimed, including the system of claim 
14 wherein said connection is secured through encryption (col. 2 lines 20-29). 

33. Claims 20-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over Belkin 
in view of IBM iv view Mueller in view of Remer. 

34. As per claim 20, Remer teaches the invention as claimed, including the following 
limitations not shown by Belkin, IBM, or Mueller: 

the system of claim 19, wherein said compliance supervisor receives said security policy 
information from a virtual private network (col. 8 lines 7-36). 

35. It would have been obvious to one of ordinary skill in the art to combine Belkin, IBM, 
and Mueller for reasons discussed above in reference to paragraph 18. It would have been 
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obvious to one of ordinary skill in the art to add Remer to the combination of Belkin, IBM, and 
Mueller since the method of Belkin provides a system that supports specialization in terms of a 
specific processing stack (thread pool) for each type of request, including a Java engine to 
support Java applications, but fails to account for network security or otherwise securing the file 
system. Such concerns are gaining more and more importance, particularly with the advent of 
wireless networks, making security a primary concern in the development of any type of 
networked environment. Furthermore, although Belkin does not specifically mention how 
security is handled, such services are easily added on to Belkin, as provisions are made for 
performing additional types of services (col. 5 lines 20-43). Of particular relevance is the Java 
engine, which typically downloads code to be executed, making security a necessity to ensure 
system safety. Mueller teaches a way of implementing security within a Java Virtual Machine 
(JVM), including authentication and encryption techniques, and would allow for security to be 
easily implemented for the Java engine in Belkin. Additionally, security breaches may originate 
from several sources, including violations of the security policy implemented on the system, a 
problem that Mueller teaches a remedy for, or through interception of an insecure connection. 
Providing strong security for the connection, including authentication and encryption algorithms, 
as taught by Remer, would eliminate another potential vulnerability in the network. 

36. As per claim 21, Mueller teaches the invention as claimed, including the system of claim 
19, wherein said compliance supervisor includes a processing stack modifier that modifies said 
processing stack based upon a received security policy (col. 3 line 55 - col. 4 line 44). 
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37. As per claim 22, Belkin teaches the invention as claimed, including the system of claim 
19, wherein said compliance supervisor includes a processing stack creator that creates a 
processing stack based upon said security policy (col. 4 line 66 - col. 5 line 7). 

Allowable Subject Matter 

38. Claims 30-34 are allowed. 

39. Claims 27-29 are objected to as being dependent upon a rejected base claim, but would 
be allowable if rewritten in independent form including all of the limitations of the base claim 
and any intervening claims. 

Response to Arguments 

40. Applicant's arguments with respect to claims 1-26 have been considered but are moot in 
view of the new grounds of rejection. 

Conclusion 

41. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed J Ali whose telephone number is (703) 305-8106. The 
examiner can normally be reached on Mon-Fri 8-5:30, 2nd Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai T An can be reached on (703) 305-9678. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




Syed Ali 
April 12, 2004 




